Information Systems Security Officer (ISSO) jobs in United States
cer-icon
Apply on Employer Site
company-logo

Armis · 1 month ago

Information Systems Security Officer (ISSO)

positionUnited States
timeFull-time
remoteRemote
senioritySenior Level
date5+ years exp

Armis is a cyber exposure management and security company that protects organizations' cyber risk exposure in real time. They are seeking a highly experienced Information Systems Security Officer (ISSO) to lead security authorization and continuous monitoring for their cloud platforms, ensuring compliance with stringent security standards for the defense and intelligence community.

ComplianceCyber SecurityInformation TechnologyInternet of ThingsNetwork SecurityRisk Management
check
Growth OpportunitiesbadNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote

Responsibilities

Lead and support the security authorization process for cloud solutions seeking and maintaining FedRAMP and DoD Impact Level (IL) Authorized Unclassified ( IL-4, IL-5) and Classified (IL-6) cloud solutions
Serve as the primary ISSO for all designated systems under your purview, managing their security lifecycle from initial design through authorization and sustainment
Author and maintain all required security documentation, including System Security Plans (SSPs), ensuring controls are accurately documented and aligned with implementation
Manage all aspects of FedRAMP and DoD IL Continuous Monitoring (ConMon), including gathering, reviewing, and submitting monthly, quarterly, and annual security artifacts to the appropriate authorizing bodies
Support sustained customer communications and actively participate in Continuous Monitoring Review Meetings with government partners
Drive the process for all FedRAMP and DoD IL Significant Change Requests and minor change requests, ensuring security impact analyses and authorization updates are completed accurately and on schedule
Collaborate with engineering teams to ensure control implementations are technically sound, auditable, and maintain compliance across rapidly evolving cloud and containerized environments
Support the GRC team and provide guidance related to commercial compliance efforts

Qualification

DoD 8570 IAM Level IIINIST 800-53 Revision 5AWS services managementKubernetesSecurity incident responsePythonMicrosoft Office 365Project managementCollaboration

Required

Top Secret Security Clearance & US Citizenship
5+ years of direct experience supporting DoD and/or FedRAMP systems in an Information Security Officer, compliance, or security engineering capacity
Must currently reside in the greater Washington D.C. area or be willing to travel to the area on a regular basis to meet with government and authorization partners
Must be eligible for a Top Secret security clearance (current active clearance preferred) and must maintain DoD 8570 IAM Level III baseline certifications (e.g., CISSP, CISM, GSLC). IAM Level 3
Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field; equivalent professional experience will be considered in lieu of a degree
Detailed understanding of NIST 800-53 Revision 5 security controls, security requirement traceability matrices (SRTM), and continuous monitoring practices
Detailed understanding of the DISA and FedRAMP significant change request process and authorization lifecycles
Proven experience with AWS services management, security baseline enforcement, and compliance within cloud environments
Working experience with security incident response, event logging, alerting and the related tooling
Experience running Kubernetes in highly regulated environments

Preferred

Experience managing security compliance efforts in DoD classified cloud environments
Demonstrated experience with AI implementations and automations specifically targeting federal compliance and evidence generation efforts
Administrator-level knowledge of AWS and Administrator-level knowledge of Linux operating systems
Experience taking a cloud information system through the entire FedRAMP and/or DoD IL authorization process and successfully obtaining an Authorization to Operate (ATO)
Experience managing security packages and workflows within government GRC tools such as eMASS
Familiarity with FISMA and CMMC authorization processes
Ability to review Python and understand code as it relates to security controls and automation efforts, and demonstrated ability to write Python scripts to support compliance automation
Experience working with a global team where the majority of team members are remote
Experience working with task planning tools like JIRA and Asana
Experience managing content throughout its lifecycle in the Microsoft Office 365 ecosystem
Project management experience where the key stakeholders are at the executive level

Company

Armis

twittertwittertwitter
company-logo
Armis is a cyber exposure management and security company that protects the entire attack surface and detects threats in real time.
dateFounded in 2015
location
San Francisco, California, USA
people-size501-1000 employees
web-link
https://www.armis.com

Funding

Current Stage
Late Stage
Total Funding
$1.27B
Key Investors
Goldman Sachs Growth EquityGeorgianOne Equity Partners
2025-12-23Acquired
2025-11-05Series Unknown· $435M
2025-07-23Secondary Market· $100M

Leadership Team

leader-logo
Yevgeny Dibrov
Co-Founder & CEO
linkedin
leader-logo
Nadir Izrael
Co-founder & CTO
linkedin

Recent News

Jerusalem Post
What are tech exits doing to Israel's economy?
2026-01-11
TechTarget
KLAS highlights top healthcare IoT security vendors in 2026
2026-01-11
Sourcery
FOMO: All the deals you missed in December
2026-01-07
Company data provided by crunchbase